
<?php
 
	//开启Session
	session_start();
	header("Content-type:text/html;charset=utf-8");
 
	$link = mysqli_connect('localhost','root','123456','panda_work');
 
	if (!$link) {
	 die("连接失败:".mysqli_connect_error());
	}
 
	//接受提交过来的用户名及密码
	$username = @$_POST["username"];//用户名
	$password = @$_POST["password"];//密码
	$captcha = @$_POST["captcha"]; //验证码
 
	/*if($username == "")
	{
	 //echo "请填写用户名<br>";
	 echo"<script type='text/javascript'>alert('请填写用户名');location='login.html'; </script>";
	}
	if($password == "")
	{
	 //echo "请填写密码<br><a href='login.html'>返回</a>"; 
	 echo"<script type='text/javascript'>alert('请填写密码');location='login.html';</script>";
	}*/
 
	if($captcha != @$_SESSION['authcode']) //判断填写的验证码是否与验证码PHP文件生成的信息匹配
	{
	 echo "<script type='text/javascript'>alert('验证码错误!');location='../index.php';</script>";
     return;
	}
 
	$sql = "select * from panda_admin";
	$result = mysqli_query($link, $sql);
	$rows = mysqli_fetch_array($result);
 
	if($rows) {
	 //拿着提交过来的用户名和密码去数据库查找，看是否存在此用户名以及其密码
		if ($username == $rows["name"] && $password == $rows["password"]) {
 
		$_SESSION['username'] = $username;
		 //echo "验证成功！<br>";
		 echo "<script type='text/javascript'>alert('登陆成功');location='../web/index.html';</script>";
		} else {
		 //echo "用户名或者密码错误<br>";
		 echo "<script type='text/javascript'>alert('用户名或者密码错误');location='../index.php';</script>";
		 //echo "<a href='login.html'>返回</a>";
		}
	}

?>